November 12, 2021

Health data and digital healthcare: MedTech Europe Recommendations

The article has been published on October 19, 2021 on Agenda Digitale, within our Legal Health section (Italian)

On June 16, 2021, the European trade association representing the medical technology industries named MedTech Europe (the “Association” or “MedTech”) published a document containing recommendations for maximizing benefits from use of health data collected via medical devices (“Unlocking the full benefits of health data,” the “Recommendations” or “Position Paper”).

For that purpose, the Association suggests using certain legal tools designed to help overcome the legal barriers that currently limit the use of such data and, therefore, keep health data processing from reaching its full potential. According to the Position Paper, clear rules need to be in place across Europe that allow companies that produce medical devices to collect, process, and share health data to develop items such as new—and increasingly personalized—patient treatment solutions.

The goal is to strike a balance between protecting personal data and encouraging scientific and business innovation by clarifying regulations connected to application of Regulation (EU) 2016/679 on personal data protection (“GDPR”) and developing the European Health Data Space (European Health Data Space – “EHDS”).

MedTech demonstrates that appropriate use of health data would pave the way for full development of a digital health system, which would deliver more efficient, safe, and innovative health care.

  1. Medical devices using health data

Appropriate use of health data from medical devices offers benefits in multiple areas. For example, patients can be empowered by wearable devices that constantly inform them of their health status. This kind of access to health data allows a person with diabetes, just as an example, to monitor their glucose level, and educates them as to how their daily behavior impacts their condition. Access to health data can be informative on an individual level, and in the larger scheme of things it decreases the burden on the healthcare system, as medical staff need to intervene only in times of crisis.

Furthermore, the opportunity to monitor a patient by providing health data to healthcare providers makes it easier to manage certain complicated situations, such as that of a patient in post-surgery rehab or one with a potentially fatal disease. In these cases, having access to the data in real time allows emergency care to be provided swiftly, and there are other tangible benefits. As seen in the use of implantable cardiac devices, applying algorithms to data makes it possible to identify conditions that once went unnoticed and to create plans for personalized care, including preventive care.

This data could yield additional benefits to the general public. Basically, analyzing a large amount of health data, especially if it is combined with data from other (official) sources, opens up avenues to explore connections between illness, behavior, and the environment. Additionally, artificial intelligence technologies can be applied to identify clusters of patients with similar characteristics who could be given customized treatment. The Covid-19 pandemic has clearly demonstrated that large-scale datasets allow healthcare providers to recognize patterns within populations and determine appropriate treatment more efficiently.

These are just some examples of how digitizing and producing data can play a pivotal role in making healthcare services more efficient, faster, and more sustainable. The Position Paper notes that in order for this tremendous potential to be realized, regulations will need to be developed that, rather than putting up barriers and creating complications, foster innovation while keeping personal data confidential.

  1. Health data and medical devices: Legal obstacles

In the Position Paper, MedTech addresses legal barriers that limit access and restrict medical device companies from sharing health data.

Specifically, the Association suggests that the following legal barriers that hinder the development of digital healthcare could be addressed under a European regulatory framework:

  • inconsistent implementation and interpretation of the GDPR by Member States;
  • medical device company issues with using health data for secondary purposes (i.e., further processing of data for other purposes). The Recommendations give an example of a company that provides services to healthcare workers and hospitals acting as data processor, but then does not use the personal data collected for further research purposes due to lingering doubts and uncertainty about whether it’s legal to use the data for secondary purposes and the limits on such processing; and
  • need for clarification regarding interaction between the GDPR and the medical device Regulation (EU) 2017/745 (“MDR”) and the in vitro diagnostic medical device Regulation (EU) 2017/746 (“IVDR”).

Regarding interaction between the GDPR and the MDR and IVDR, MedTech points out that companies find it challenging to identify a legal basis pursuant to the GDPR for allowing health data to be processed. Indeed, the Association says it remains unclear whether the obligations that the MDR and the IVDR impose upon medical device companies (e.g., oversight and post-market surveillance and predictive data analytics obligations) allow Article 9, paragraph 2, letters i) and j) of the GDPR to be used as a legal basis for health data processing, meaning that it is done for reasons of public interest in the public health sector, and/or for purposes of scientific research or statistical aims. If said legal bases are applicable, medical device companies could process health data without obtaining patient consent.

That uncertainty poses an obstacle to the use of health data and makes it harder to draw all the potential benefits for both patients and scientific innovation.

  1. MedTech Recommendations

MedTech is calling on the European Union to play a key role in coordinating among Member States for the purpose of consistent application of the GDPR and to banish any uncertainty regarding application of the GDPR. Steps should be taken to protect patient health data while also incentivizing research and innovation, including with regard to the law and safeguarding intellectual property.

Clear regulations and guidelines that govern the behavior of Member States in a consistent way are needed. MedTech is calling on European and national policymakers to work together and take urgent action on the following:

  • set forth rules for proper processing of health data when delivering healthcare (primary use) and for research and innovation purposes (secondary use) in order to encourage development of new technologies based on existing data that currently are not being used;
  • provide clarification regarding (i) the legal basis for use pursuant to the GDPR for processing health data, (ii) the difference between obtaining consent to participate in a clinical study and consent as a legal basis for data processing, and (iii) the interplay between the GDPR, MDR, and IVDR;
  • provide guidelines for data anonymization and pseudonymization techniques;
  • identify existing exceptions for public interest and preventive medicine, for example, with regard to research conducted by pharmaceutical and medical device companies;
  • offer clarification regarding transfer of data within and outside of the EU, as those regulations are still murky and their interpretation subject to uncertainty.

< Back to blog
Welcome to the Portolano Cavallo Life Sciences blog focusing on legal development and key legal issues affecting the life sciences and healthcare industry.
Read more
Our highly-ranked team of professionals will provide news, insights and multidisciplinary commentary on the hottest and most recent regulatory, transactional and contentious aspects of the pharmaceutical, bio-tech, med-tech, food supplement and healthcare world with an eye on its digital transformation and technological developments.

This blog will be a place for focusing on digital health, telemedicine and artificial intelligence, as well as more traditional topics: from the protection of intellectual properties to performance of clinical trials, from the market access to advertising and competition issues, from internal and criminal investigations to M&A and venture capital transactions.

October 6, 2023
CBD products: the Administrative Court suspended until October 24 the recent Decree of the Italian Ministry of Health listing cannabidiol for oral use among narcotic drugs, due to the lack o...
October 4, 2023
The Guidelines for regulating contractual relations between universities and research institutes and private sponsors were adopted by the relevant Italian Ministries following the amendment ...
September 21, 2023
CBS products: from September 20th, compositions for oral administration of cannabidiol obtained from Cannabis sativa extracts shall be considered as narcotic drugs in Italy, as they have bee...
July 27, 2023
Payback on medical devices: Italian government announces extension of payment deadline to October 30, 2023
July 21, 2023
On July 21, 2023, the Italian Ministry of Health published new guidelines on health advertising of self-medication drugs (OTC) and non-prescription drugs (SOP), including advertising on new ...
Search by...
Follow us on
Follow us on